On Tue, Dec 07, 2021 at 09:57:11PM +0100, Thomas L. wrote: > > Where do you find the definition of cipher settings: all, insecure, > > default, etc? The "man tls_config_set_ciphers" mentions them but > > doesn't define them. Neither does "man openssl". > > > > "TLSv1.2:ECDHE-RSA-AES256-SHA384:256" looks reasonably modern, why is > > it not part of "ciphers secure"? > > Looking at > https://github.com/openbsd/src/blob/master/lib/libtls/tls_internal.h#L35 > default/secure maps to "TLSv1.3:TLSv1.2+AEAD+ECDHE:TLSv1.2+AEAD+DHE", > so only the AEAD and PFS ciphers from tls1.2 (all tls1.3 ciphers do > AEAD and PFS). AEAD does encryption and mac in one go, thus avoiding > potential future padding oracle attacks. PFS ensures that a future leak > of the certificate key does not compromise previous sessions. The > cipher of your peer does no AEAD and is therefore rejected. You can use > "ciphers compat" to accept it. > > > Steve > > > > Kind regards, > > Thomas
That was very helpful, thanks for the reply. Steve